NetworkManager_dispatcher_tlp_selinux(8)

1NetworkManager_disSpEaLticnhuexr_Ptollpi_csyelNientuwxo(r8kN)MeatnwaogrekrM_adniasgpeart_cdhiesrp_attlcpher_tlp_selinux(8)
2
3
4

NAME

6       NetworkManager_dispatcher_tlp_selinux  - Security Enhanced Linux Policy
7       for the NetworkManager_dispatcher_tlp processes
8

DESCRIPTION

10       Security-Enhanced Linux secures the NetworkManager_dispatcher_tlp  pro‐
11       cesses via flexible mandatory access control.
12
13       The  NetworkManager_dispatcher_tlp  processes execute with the Network‐
14       Manager_dispatcher_tlp_t SELinux type. You can check if you have  these
15       processes running by executing the ps command with the -Z qualifier.
16
17       For example:
18
19       ps -eZ | grep NetworkManager_dispatcher_tlp_t
20
21
22

ENTRYPOINTS

24       The NetworkManager_dispatcher_tlp_t SELinux type can be entered via the
25       NetworkManager_dispatcher_tlp_script_t file type.
26
27       The default entrypoint paths  for  the  NetworkManager_dispatcher_tlp_t
28       domain are the following:
29
30       /usr/lib/NetworkManager/dispatcher.d/99tlp-rdw-nm
31

PROCESS TYPES

33       SELinux defines process types (domains) for each process running on the
34       system
35
36       You can see the context of a process using the -Z option to ps
37
38       Policy governs the access confined processes have  to  files.   SELinux
39       NetworkManager_dispatcher_tlp policy is very flexible allowing users to
40       setup their NetworkManager_dispatcher_tlp  processes  in  as  secure  a
41       method as possible.
42
43       The   following  process  types  are  defined  for  NetworkManager_dis‐
44       patcher_tlp:
45
46       NetworkManager_dispatcher_tlp_t
47
48       Note: semanage permissive  -a  NetworkManager_dispatcher_tlp_t  can  be
49       used  to  make the process type NetworkManager_dispatcher_tlp_t permis‐
50       sive. SELinux does not deny access to permissive process types, but the
51       AVC (SELinux denials) messages are still generated.
52
53

BOOLEANS

55       SELinux  policy  is  customizable based on least access required.  Net‐
56       workManager_dispatcher_tlp policy is extremely flexible and has several
57       booleans  that  allow  you to manipulate the policy and run NetworkMan‐
58       ager_dispatcher_tlp with the tightest access possible.
59
60
61
62       If you want to allow all domains to execute in fips_mode, you must turn
63       on the fips_mode boolean. Enabled by default.
64
65       setsebool -P fips_mode 1
66
67
68

MANAGED FILES

70       The  SELinux  process  type  NetworkManager_dispatcher_tlp_t can manage
71       files labeled with the following file types.  The paths listed are  the
72       default  paths for these file types.  Note the processes UID still need
73       to have DAC permissions.
74
75       tlp_var_run_t
76
77            /var/run/tlp(/.*)?
78
79

FILE CONTEXTS

81       SELinux requires files to have an extended attribute to define the file
82       type.
83
84       You can see the context of a file using the -Z option to ls
85
86       Policy  governs  the  access  confined  processes  have to these files.
87       SELinux NetworkManager_dispatcher_tlp policy is very flexible  allowing
88       users  to setup their NetworkManager_dispatcher_tlp processes in as se‐
89       cure a method as possible.
90
91       STANDARD FILE CONTEXT
92
93       SELinux defines the file  context  types  for  the  NetworkManager_dis‐
94       patcher_tlp, if you wanted to store files with these types in a differ‐
95       ent paths, you need to execute the semanage command to  specify  alter‐
96       nate labeling and then use restorecon to put the labels on disk.
97
98       semanage    fcontext   -a   -t   NetworkManager_dispatcher_tlp_script_t
99       '/srv/NetworkManager_dispatcher_tlp/content(/.*)?'
100       restorecon -R -v /srv/myNetworkManager_dispatcher_tlp_content
101
102       Note: SELinux often uses regular expressions  to  specify  labels  that
103       match multiple files.
104
105       The following file types are defined for NetworkManager_dispatcher_tlp:
106
107
108
109       NetworkManager_dispatcher_tlp_script_t
110
111       -  Set  files  with the NetworkManager_dispatcher_tlp_script_t type, if
112       you want to treat the files as  NetworkManager  dispatcher  tlp  script
113       data.
114
115
116
117       Note:  File context can be temporarily modified with the chcon command.
118       If you want to permanently change the file context you need to use  the
119       semanage fcontext command.  This will modify the SELinux labeling data‐
120       base.  You will need to use restorecon to apply the labels.
121
122

COMMANDS

124       semanage fcontext can also be used to manipulate default  file  context
125       mappings.
126
127       semanage  permissive  can  also  be used to manipulate whether or not a
128       process type is permissive.
129
130       semanage module can also be used to enable/disable/install/remove  pol‐
131       icy modules.
132
133       semanage boolean can also be used to manipulate the booleans
134
135
136       system-config-selinux is a GUI tool available to customize SELinux pol‐
137       icy settings.
138
139

AUTHOR

141       This manual page was auto-generated using sepolicy manpage .
142
143